Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Apple Icloud Suite
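v1.0.6
Apple iCloud full-suite service operations: calendar, photos, iCloud Drive, Find My device, reminders. Use when: (1) the user asks to view/create/modify/delete calendar events or schedules, (2) the user says "show me what I have scheduled today" / "add an event" / "change the meeting time", (3) the user asks to find/download/manage iCloud photos, (4...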
⭐ 0· 227·2 current·2 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The scripts and SKILL.md implement iCloud photos, Drive, CalDAV calendar, Find My, reminders and an always-on 'status_wall' — which matches the skill name. However the registry metadata declares no required environment variables or credentials while the code and instructions explicitly require Apple ID main password, application-specific password, and a third-party AMAP_API_KEY. That mismatch (declared requirements = none vs. actual required secrets in scripts/docs) is an incoherence.
Instruction Scope
Runtime instructions and scripts direct the agent to collect the Apple ID main password + 2FA and an app-specific password, and to run a high-frequency location polling workflow (status_wall) that can run as a background daemon, read calendars, devices, and photos, and write config/session files under the user's home. The SKILL.md also instructs the agent to 'ask for credentials at enable time' and to run background polling automatically. This expands the scope from passive queries to persistent location collection and automated actions.
Install Mechanism
No opaque external downloads are used; SKILL.md recommends pip-installing public packages (pyicloud, caldav, icloudpd, icalendar). There is no registry install spec in the metadata but the recommended installs are traceable public Python packages. No suspicious remote archives or URL shorteners were observed.
Credentials
The code requires highly sensitive secrets: Apple ID main password (for pyicloud/Find My), Apple app-specific password (for CalDAV/calendar), and a third-party AMAP_API_KEY (for reverse geocoding). While these are functionally relevant to features (Find My requires higher privileges; calendars use app passwords), the registry metadata did not declare any required env vars, so the skill's claimed environment footprint is inconsistent with what it actually asks for. Requiring the Apple main password is especially sensitive and increases risk.
Persistence & Privilege
The skill includes a 'status_wall' daemon that the documentation instructs users to start; it caches sessions under ~/.pyicloud/ and writes ~/.status_wall.json, PID and log files. SKILL.md says the status wall will 'automatically run' every 15 minutes and switch to 1-minute polling during commutes. Although the registry flags do not set always:true, the skill's design encourages persistent background collection of device location and calendar state, which materially increases privacy and operational risk.
What to consider before installing
This skill appears to implement real iCloud functionality, but there are several red flags you should consider before installing:
- Credentials: The code and docs ask for your Apple ID main password (for Find My/photos) and an app-specific password (for CalDAV), plus a third-party AMAP API key. These are highly sensitive — the main password gives broad access and is not limited like an app-specific password.
- Metadata mismatch: The registry metadata lists no required env vars, but the scripts clearly require and/or prompt for ICLOUD_USERNAME, ICLOUD_PASSWORD, ICLOUD_APP_PASSWORD, ICLOUD_CHINA and AMAP_API_KEY. That inconsistency is suspicious and makes auditing/trust harder.
- Persistence & location privacy: The status_wall component is designed to run as a background daemon that polls device location frequently (every 15 minutes or 1 minute in commute mode) and writes local cache/config files. If you enable this, your device location will be continuously read and processed — only enable if you fully trust the code and understand where credentials/session files are stored (~/.pyicloud/, ~/.status_wall.*).
- Provenance: Source/homepage are unknown and some internal metadata (ownerId and version in _meta.json) mismatch registry-level fields; consider this a trust risk. Prefer skills with clear authorship and published sources.
Recommendations:
- Do not provide your Apple main password to an unclear/unknown skill; prefer app-specific passwords where possible.
- Review the script files yourself (or have a trusted developer do so) before running. The code is present in the package, which helps auditing.
- If you only need calendar access, use an app-specific password and the CalDAV scripts; avoid enabling status_wall unless you understand and accept continuous location polling and have secured the machine where the daemon runs.
- If unsure, run the scripts locally in an isolated environment (offline or on a disposable machine), or decline installation until the publisher/source can be verified.

Like a lobster shell, security has layers — review code before you run it.
